Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/RzVK9NeaYJZQpC4ZmO9MFpIgYLQ.roa
File: RzVK9NeaYJZQpC4ZmO9MFpIgYLQ.roa (raw, json)
Hash identifier: o9UjtLmDFYf+3q2evXDh4U6rRsOTTdpvQr3T53tOw+4=
Subject key identifier: 47:35:4A:F4:D7:9A:60:96:50:A4:2E:19:98:EF:4C:16:92:20:60:B4
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0A39DE89
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/RzVK9NeaYJZQpC4ZmO9MFpIgYLQ.roa
Signing time: Wed 26 Jan 2022 15:05:21 +0000
ROA not before: Wed 26 Jan 2022 15:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 213.176.64.0/21 maxlen: 24
62.60.128.0/21 maxlen: 24
213.176.72.0/22 maxlen: 24
213.176.88.0/21 maxlen: 24
213.176.112.0/21 maxlen: 24
213.176.20.0/22 maxlen: 24
62.60.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171564681 (0xa39de89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 26 15:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47354af4d79a609650a42e1998ef4c16922060b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:e7:71:ae:40:ad:d2:41:61:24:b3:0b:db:
56:c9:4b:55:8d:58:df:da:b8:98:28:c1:76:65:5f:
46:ad:db:c7:51:29:9a:4b:24:92:0c:c9:e3:2d:f8:
1c:c0:a4:1b:69:e4:05:6a:fb:54:0d:38:d2:d8:46:
aa:70:47:e3:95:e3:cd:94:c9:ac:dd:ee:ec:53:60:
66:50:a3:c5:66:38:91:1a:cb:58:22:2f:44:a5:3c:
01:78:a5:c7:fc:1b:4c:da:91:05:d8:f4:aa:b7:6c:
39:dd:a2:37:4c:21:f6:7a:3e:5d:2b:72:0b:dd:78:
3b:4a:98:50:b8:7a:dd:89:11:55:b7:03:0a:aa:99:
06:1b:dd:12:d2:1a:b8:19:61:72:a7:e8:78:e6:1a:
9d:23:2d:12:77:73:ed:20:a4:6d:7a:0f:70:29:b0:
3e:20:5b:ff:d1:ae:ea:19:f3:49:ec:6f:d8:8c:69:
8c:18:61:99:98:57:6a:5d:ec:a1:5d:d6:25:19:7b:
4b:cd:e5:b2:13:35:a4:ce:09:bb:02:9b:fb:15:18:
fc:99:28:b0:23:62:04:66:b0:50:a1:44:78:8b:36:
72:bb:5d:23:11:4a:c3:20:c7:c8:81:53:29:ad:fd:
92:2c:54:09:6d:26:76:4e:55:89:16:92:ac:24:32:
6d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:35:4A:F4:D7:9A:60:96:50:A4:2E:19:98:EF:4C:16:92:20:60:B4
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/RzVK9NeaYJZQpC4ZmO9MFpIgYLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.128.0/21
62.60.200.0/21
213.176.20.0/22
213.176.64.0-213.176.75.255
213.176.88.0/21
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:b6:69:78:aa:bb:ca:c0:e2:28:59:34:7c:be:17:11:b5:45:
36:e4:ef:30:5b:e9:1a:39:9a:08:e2:88:d0:fa:45:ba:70:0d:
dd:3d:53:ab:4d:6a:80:4a:65:bc:3d:a0:ae:b3:f5:e0:2b:33:
0b:3d:65:2b:f8:5e:d6:f7:7d:f7:7f:d5:9c:b2:c6:7c:87:15:
e5:29:1e:a5:56:95:d7:c6:32:78:40:0a:22:ac:18:12:ee:10:
3a:62:43:54:de:c5:3f:24:bc:cd:87:d8:f4:55:68:c6:72:c7:
c0:67:65:3d:93:bd:23:ea:2e:bd:19:ba:83:3d:2c:0b:97:48:
8a:39:76:5f:10:20:7e:2f:68:32:08:8b:65:05:6d:d8:2e:96:
08:d2:eb:d0:f0:15:0f:70:a2:50:fd:98:6f:d1:f8:1b:fb:9e:
0d:39:5b:c4:69:7d:3d:70:44:2d:8c:02:56:53:40:e4:b5:6f:
83:e5:ac:c2:6f:fa:c6:3d:c5:03:cd:f0:24:20:3b:d7:9d:9b:
69:8a:87:25:e5:8b:05:97:95:be:51:21:b2:eb:bc:b5:0a:9e:
89:57:76:84:7b:0b:b2:6d:04:f0:69:74:8b:a7:9f:86:f0:2b:
6f:1c:e8:59:f8:a8:0d:1d:8b:f2:44:bc:85:01:02:16:eb:ad:
2e:a7:70:83
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIECjneiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2MxODUyN2UzYTIwNmFmMjg0MjAyOGQ5NWFlYzQxMzM4ZThkYWY4MB4XDTIyMDEy
NjE1MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDczNTRhZjRkNzlh
NjA5NjUwYTQyZTE5OThlZjRjMTY5MjIwNjBiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAR53GuQK3SQWEkswvbVslLVY1Y39q4mCjBdmVfRq3bx1Ep
mkskkgzJ4y34HMCkG2nkBWr7VA040thGqnBH45XjzZTJrN3u7FNgZlCjxWY4kRrL
WCIvRKU8AXilx/wbTNqRBdj0qrdsOd2iN0wh9no+XStyC914O0qYULh63YkRVbcD
CqqZBhvdEtIauBlhcqfoeOYanSMtEndz7SCkbXoPcCmwPiBb/9Gu6hnzSexv2Ixp
jBhhmZhXal3soV3WJRl7S83lshM1pM4JuwKb+xUY/JkosCNiBGawUKFEeIs2crtd
IxFKwyDHyIFTKa39kixUCW0mdk5ViRaSrCQybXUCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRHNUr015pgllCkLhmY70wWkiBgtDAfBgNVHSMEGDAWgBTDwYUn46IGryhC
Ao2VrsQTOOja+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c4R0ZKLU9pQnE4b1FnS05sYTdFRXpqbzJ2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvMTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzViYi8x
L1J6Vks5TmVhWUpaUXBDNFptTzlNRnBJZ1lMUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
MTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzViYi8xL3c4R0ZKLU9pQnE4
b1FnS05sYTdFRXpqbzJ2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAz48gAMEAz48yAMEAtWwFDAMAwQG
1bBAAwQC1bBIAwQD1bBYAwQD1bBwMA0GCSqGSIb3DQEBCwUAA4IBAQCttml4qrvK
wOIoWTR8vhcRtUU25O8wW+kaOZoI4ojQ+kW6cA3dPVOrTWqASmW8PaCus/XgKzML
PWUr+F7W9333f9WcssZ8hxXlKR6lVpXXxjJ4QAoirBgS7hA6YkNU3sU/JLzNh9j0
VWjGcsfAZ2U9k70j6i69GbqDPSwLl0iKOXZfECB+L2gyCItlBW3YLpYI0uvQ8BUP
cKJQ/Zhv0fgb+54NOVvEaX09cEQtjAJWU0DktW+D5azCb/rGPcUDzfAkIDvXnZtp
iocl5YsFl5W+USGy67y1Cp6JV3aEewuybQTwaXSLp5+G8CtvHOhZ+KgNHYvyRLyF
AQIW660up3CD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:35 2023 by rpki-client on console-fra.rpki-client.org